Overview
On Site
$150,000 - $197,000 annually
Full Time
Skills
Web Architecture
Network
Client/server
Management
Security Engineering
Incident Management
WAF
Documentation
S-PLUS
Web Applications
Firewall
HTTP
DNS
Dragon NaturallySpeaking
Terraform
Communication
Leadership
Collaboration
Agile
DevSecOps
Workflow
ISO 9000
Gramm-Leach-Bliley Act
CISSP
OSCP
Certified Ethical Hacker
CISM
Cyber Security
Cloud Computing
Amazon Web Services
Microsoft Azure
Google Cloud Platform
Google Cloud
Security QA
Burp Suite
Fortify
Python
Scripting
Artificial Intelligence
Messaging
Job Details
RESPONSIBILITIES:
Kforce has a client that is seeking a Senior Cybersecurity Web Application Firewall (WAF) Engineer for a hybrid Atlanta, GA or New York.
Summary:
Kforce is partnering with a major enterprise organization seeking a Senior Cybersecurity WAF Engineer to enhance the security posture of their public-facing websites. In this role, you will be instrumental in tuning WAF policies, supporting secure web architecture, and responding to active threat events using the WAF as both a protective and detective control.
This role combines deep technical expertise with strategic impact. You wil work across teams to improve defenses, optimize WAF configurations, and integrate security into the fabric of digital experiences. Your knowledge of network layers, edge services, and secure client-server architecture will be critical to success.
Duties:
* Deploy and manage WAF protections for high-visibility web applications
* Optimize and tune WAF policies to enhance detection and reduce false positives
* Partner with architecture and security engineering teams to scale WAF implementations for new apps and services
* Design and build WAF alerting, automation, and response workflows
* Participate in incident response, using WAF insights to mitigate and prevent web-based attacks
* Contribute to standards, documentation, and tooling to support a proactive security posture
* Stay ahead of emerging threats, vulnerabilities, and defensive technologies
REQUIREMENTS:
* 4+ years of professional experience in cybersecurity or a related field (Bachelor's + 4 years, Master's + 2 years, or 8+ years total acceptable)
* 2+ years of hands-on experience with Web Application Firewalls and deep knowledge of HTTP/S, DNS, and edge service architecture
* Recent experience with Terraform in production environments
* Familiarity with Layer 7 security concepts and cloud-native architectures
* Strong communication skills-you can explain complex risks to both engineers and leadership
* Proven ability to collaborate across large organizations, working with developers, infrastructure, and security teams
* Experience with Agile and DevSecOps workflows in enterprise environments
* Working knowledge of industry security frameworks (e.g., NIST, ISO 27000) and regulatory requirements (e.g., GDPR, GLBA)
Preferred Qualifications:
* Relevant certifications: CISSP, OSCP, CEH, CISM, AWS/Azure certs, etc.
* Background in modern cybersecurity architecture (Zero Trust, container security, serverless)
* Cloud platform expertise (AWS, Azure, or Google Cloud Platform)
* Familiarity with security testing tools like BurpSuite, Veracode, Fortify, or Wiz
* Python scripting and automation experience a plus
* Prior consulting, Fortune 500, or critical infrastructure industry experience
This is an exciting opportunity to play a key role in defending critical infrastructure against real-world threats while working with cutting-edge tools and top-tier professionals. If you're ready to make a measurable impact, Kforce wants to hear from you!
The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking ?Apply Today? you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.
Kforce has a client that is seeking a Senior Cybersecurity Web Application Firewall (WAF) Engineer for a hybrid Atlanta, GA or New York.
Summary:
Kforce is partnering with a major enterprise organization seeking a Senior Cybersecurity WAF Engineer to enhance the security posture of their public-facing websites. In this role, you will be instrumental in tuning WAF policies, supporting secure web architecture, and responding to active threat events using the WAF as both a protective and detective control.
This role combines deep technical expertise with strategic impact. You wil work across teams to improve defenses, optimize WAF configurations, and integrate security into the fabric of digital experiences. Your knowledge of network layers, edge services, and secure client-server architecture will be critical to success.
Duties:
* Deploy and manage WAF protections for high-visibility web applications
* Optimize and tune WAF policies to enhance detection and reduce false positives
* Partner with architecture and security engineering teams to scale WAF implementations for new apps and services
* Design and build WAF alerting, automation, and response workflows
* Participate in incident response, using WAF insights to mitigate and prevent web-based attacks
* Contribute to standards, documentation, and tooling to support a proactive security posture
* Stay ahead of emerging threats, vulnerabilities, and defensive technologies
REQUIREMENTS:
* 4+ years of professional experience in cybersecurity or a related field (Bachelor's + 4 years, Master's + 2 years, or 8+ years total acceptable)
* 2+ years of hands-on experience with Web Application Firewalls and deep knowledge of HTTP/S, DNS, and edge service architecture
* Recent experience with Terraform in production environments
* Familiarity with Layer 7 security concepts and cloud-native architectures
* Strong communication skills-you can explain complex risks to both engineers and leadership
* Proven ability to collaborate across large organizations, working with developers, infrastructure, and security teams
* Experience with Agile and DevSecOps workflows in enterprise environments
* Working knowledge of industry security frameworks (e.g., NIST, ISO 27000) and regulatory requirements (e.g., GDPR, GLBA)
Preferred Qualifications:
* Relevant certifications: CISSP, OSCP, CEH, CISM, AWS/Azure certs, etc.
* Background in modern cybersecurity architecture (Zero Trust, container security, serverless)
* Cloud platform expertise (AWS, Azure, or Google Cloud Platform)
* Familiarity with security testing tools like BurpSuite, Veracode, Fortify, or Wiz
* Python scripting and automation experience a plus
* Prior consulting, Fortune 500, or critical infrastructure industry experience
This is an exciting opportunity to play a key role in defending critical infrastructure against real-world threats while working with cutting-edge tools and top-tier professionals. If you're ready to make a measurable impact, Kforce wants to hear from you!
The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking ?Apply Today? you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.